I am trying something very simple, to pass the contents of a form (just
username and password) to execute a query on MySQL table. The problem
appears to be the password field.
For example,
username: money
password: penny
If type in the password as penny, it won't authenticate.
I checked the contents of password field in the MySQL table and somehow it's
converted it to a hexdecimal number. I then tried cutting and pasting that
hexadecimal number into the password box and it suddenly works.
What is happening? I am also wondering how to execute a query so the
password penny will match the hexadecimal number so the query returns a
value. Here's the current one below:
$sql="SELECT * FROM user_table WHERE username='".$us ername."' and
password='".$pa ssword."'";
Cheers
Phil 2 1601
Found this thread using Google groups which sort of explained what is
happening. http://groups.google.co.uk/groups?hl...Dcomp.lang.php
The bit I can't figure out is how other very similar scripts use the
password fields but they don't get converted to hexadecimal in tables. In my
particular script, the password field is a varchar(25) so should be big
enough to cope.
Need to do some more reading but any pointers will be handy.
Cheers
Phil
"Phil Latio" <ph********@f-in-stupid.co.uk> wrote in message
news:Vk******** **************@ news.easynews.c om... I am trying something very simple, to pass the contents of a form (just username and password) to execute a query on MySQL table. The problem appears to be the password field.
For example, username: money password: penny
If type in the password as penny, it won't authenticate.
I checked the contents of password field in the MySQL table and somehow
it's converted it to a hexdecimal number. I then tried cutting and pasting that hexadecimal number into the password box and it suddenly works.
What is happening? I am also wondering how to execute a query so the password penny will match the hexadecimal number so the query returns a value. Here's the current one below:
$sql="SELECT * FROM user_table WHERE username='".$us ername."' and password='".$pa ssword."'";
Cheers
Phil
Success. I realised it was the way I was adding users to the database that
was causing the encryption.. I took the below statement out of one of Julie
Meloni books.
$sql = "INSERT INTO $table_name (name, username, password)
VALUES(\"$name\ ",\"$username\" ,password(\"$pa ssword\")) ";
Cheers
Phil
"Phil Latio" <ph********@f-in-stupid.co.uk> wrote in message
news:JZ******** **************@ news.easynews.c om... Found this thread using Google groups which sort of explained what is happening. http://groups.google.co.uk/groups?hl...Dcomp.lang.php The bit I can't figure out is how other very similar scripts use the password fields but they don't get converted to hexadecimal in tables. In
my particular script, the password field is a varchar(25) so should be big enough to cope.
Need to do some more reading but any pointers will be handy.
Cheers
Phil "Phil Latio" <ph********@f-in-stupid.co.uk> wrote in message news:Vk******** **************@ news.easynews.c om... I am trying something very simple, to pass the contents of a form (just username and password) to execute a query on MySQL table. The problem appears to be the password field.
For example, username: money password: penny
If type in the password as penny, it won't authenticate.
I checked the contents of password field in the MySQL table and somehow it's converted it to a hexdecimal number. I then tried cutting and pasting
that hexadecimal number into the password box and it suddenly works.
What is happening? I am also wondering how to execute a query so the password penny will match the hexadecimal number so the query returns a value. Here's the current one below:
$sql="SELECT * FROM user_table WHERE username='".$us ername."' and password='".$pa ssword."'";
Cheers
Phil
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Tim Daneliuk |
last post by:
OK, I've Googled for this and cannot seem to quite find what I need.
So, I turn to the Gentle Geniuses here for help. Here is what I
need to do from within a script:
Given a username and a password (plain text):
1) Validate that the password is correct for that user *without actually logging in*.
2) If the password is valid, return a list of all the groups the user belongs to.
Otherwise, return some error string.
|
by: jrefactors |
last post by:
I want to ask how password is stored and how to check the
authentication?
I have heard password is never encrypted and decrypted, but it is
hashed.
For example, consider a simple email logon authentication in a hash
table:
Key: my email address
Value: hash_function(my plan text password)
|
by: Rod |
last post by:
I have a requirement in which I need to allow the user to log into our
ASP.NET application, but also be able to change their Windows password, if
it is expired. I had thought that Windows authentication would do the
trick, but it appears not to. (If the user's password has expired, it will
sit there forever asking the user for their username and password in the
Windows login dialog box that pops up.)
1) The way I see it, I have two...
|
by: Henry |
last post by:
Hi, my asp.net application is accessing a mssql on another server.
This works fine when I use this in my web.config file:
<add key="dbkey" value="server=192.12.12.1;database=mydb;user=dbuser;password=mypassword"
/>
However I don't like to store my password in plain text.
I played around with aspnet_setreg.exe and I followed those
instructions:
|
by: sunniyeow |
last post by:
Hi, My question is regarding password protecting 2 different folders
inside a single virtual directory using forms authentication method.
Easier if I illustrate things out...
- <authentication mode="Forms">
- Virtual Directory aka Top Level Root = /mysite
- Inside /mysite I have 2 sub-folders which I want to password protect
= /adminonly and /memberonly
- /adminonly is assigned to a single Admin user with a hard-coded pair
of username...
| |
by: Prabu Subroto |
last post by:
Dear my friends...
I am using SuSE 9.1 and postgres 7.2.x .
Each time if I want to connect to postgres with
postgres I do like this:
"
patrixlinux@patrix:~> su
Password:
patrix:/localhome/patrixlinux # su postgres
|
by: J |
last post by:
Hello. I apologize if this isn't the appropriate group for this question
but I was wondering if it's possible to allow regular windows domain users
to change their passwords through an .asp page? I'm trying to figure out
the best way to handle domain users to log into an .asp application tied
with SQL Server 2000 on the back end since I keep reading that windows
authentication is better practice to log into SQL Server. Thanks in...
|
by: nick |
last post by:
I need to create a simple asp.net application that use password protect some
html pages. The html page provider doesn't know asp.net. And the host doesn't
allow me to create user accounts.
What's the best way to store users/password except database tables? and to
store html files?
|
by: webrod |
last post by:
Hi all,
how can I check a user/password in a LDAP ?
I don't want to connect with this user, I would like to connect to LDAP
with a ADMIN_LOG/ADMIN_PWD, then do a query to find the user and check
the password.
The thing is I can't access the password attribute to compare with the
user's password provided.
|
by: =?Utf-8?B?Sm9l?= |
last post by:
I need to store a password for use later in my web app and
I would like to use FormsAuthentication.HashPasswordForStoringInConfigFile.
The question is, once it's hashed and stored, do I need to
unhash it to pass to windows for authentication? Or can
I set something in Web.Config that will do that?
I haven't found any documentation that points me to what to do
next.
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| |
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
| |
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |